mirror of
git://git.proxmox.com/git/pve-network.git
synced 2025-04-30 11:27:11 +02:00
fix #4657: evpn: fix exit-node with multiple vrf
Currently, if a node is primary exit-node for 1 vrf, and secondary exit-node for another vrf, The deny route-map is filtering routes imports for both vrf. This patch adds filtering only for the vrf's where the node is secondary. Signed-off-by: Alexandre Derumier <aderumier@odiso.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Alexandre Derumier
Thomas Lamprecht
parent
2bff8ab755
commit
5d5b4099d1
|
|
@ -168,6 +168,7 @@ sub generate_controller_zone_config {
|
|||
if (!$exitnodes_primary || $exitnodes_primary eq $local_node) {
|
||||
#filter default type5 route coming from other exit nodes on primary node or both nodes if no primary is defined.
|
||||
my $routemap_config = ();
|
||||
push @{$routemap_config}, "match evpn vni $vrfvxlan";
|
||||
push @{$routemap_config}, "match evpn route-type prefix";
|
||||
my $routemap = { rule => $routemap_config, action => "deny" };
|
||||
unshift(@{$config->{frr_routemap}->{'MAP_VTEP_IN'}}, $routemap);
|
||||
|
|
|
|||
|
|
@ -53,6 +53,7 @@ router bgp 65000 vrf vrf_myzone
|
|||
exit
|
||||
!
|
||||
route-map MAP_VTEP_IN deny 1
|
||||
match evpn vni 1000
|
||||
match evpn route-type prefix
|
||||
exit
|
||||
!
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ router bgp 65000 vrf vrf_myzone
|
|||
exit
|
||||
!
|
||||
route-map MAP_VTEP_IN deny 1
|
||||
match evpn vni 1000
|
||||
match evpn route-type prefix
|
||||
exit
|
||||
!
|
||||
|
|
|
|||
|
|
@ -53,6 +53,7 @@ router bgp 65000 vrf vrf_myzone
|
|||
exit
|
||||
!
|
||||
route-map MAP_VTEP_IN deny 1
|
||||
match evpn vni 1000
|
||||
match evpn route-type prefix
|
||||
exit
|
||||
!
|
||||
|
|
|
|||
Loading…
Reference in a new issue